[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] server security
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] server security
- From: Gage Bystrom <themadichib0d@xxxxxxxxx>
- Date: Thu, 21 Jun 2012 09:25:13 -0700
Well thats a bit of an iffy one. I'd say it IS a security measure,
albeit one that is solely effective if and only if compounded with
other measures.
It's unlikely, but you never know, you just might miss out on a nasty
worm all because you werent running on a default port one day.
On Thu, Jun 21, 2012 at 8:52 AM, Rob <synja@xxxxxxxxxxxxxxxxx> wrote:
> We need to make a distinction between security and obscurity here. The only
> time changing ports actually hardens a service in any way is when the port
> requires elevated rights to bind, changing to 1025 for example removes the
> root requirement. Any actual or theoretical vulnerabilities still exist. If
> somebody is looking at your server, they'll find the port without much
> trouble. Alternate ports can remove junk traffic from logs, so there is a
> benefit, if not entirely a security one.
>
> Rob
>
>
> Sent on the Sprint® Now Network from my BlackBerry®
>
> -----Original Message-----
> From: Alex Dolan <dolan.alex@xxxxxxxxx>
> Sender: listbounce@xxxxxxxxxxxxxxxxx
> Date: Thu, 21 Jun 2012 07:44:57
> To: Littlefield, Tyler<tyler@xxxxxxxxxxxxx>
> Cc: <security-basics@xxxxxxxxxxxxxxxxx>
> Subject: Re: server security
>
> One tip I have is to set SSH to a port other than 22, I don't need to
> tell anyone how devastating it is if someone did actually get access
> to that service. Putting it on some other port reduces your risk
>
> On Thu, Jun 21, 2012 at 1:27 AM, Littlefield, Tyler <tyler@xxxxxxxxxxxxx>
> wrote:
>> Hello:
>> I have a couple questions. First, I'll explain what I did:
>> I set up iptables and removed all unwanted services. Iptables blocks
>> everything, then only opens what it wants. I also use the addrtype module to
>> limit broadcast and unspec addresses, etc. I also do some malformed packet
>> work where I just drop everything that looks malformed (mainly by the
>> flags).
>> 2) I secured ssh: blocked root logins, set it up so only users in the
>> sshusers group can connect, and set it only to allow ppk.
>> 3) I installed aid.
>> 4) disabled malformed packets and forwarding/etc in sysctl.
>> This is a basic web server that runs email, web and a couple other things.
>> It's only running on a linode512, so I don't have the ability to set up a
>> ton of stuff; I also think that would make things more of a mess. What else
>> would be recommended?
>> Also, I'm looking to add something to the web server; sometimes I notice
>> that there are a lot of requests from people scanning for common urls like
>> wordpress/phpbb3/etc, what kind of preventative measures exist for this?
>>
>>
>> --
>> Take care,
>> Ty
>> http://tds-solutions.net
>> The aspen project: a barebones light-weight mud engine:
>> http://code.google.com/p/aspenmud
>> He that will not reason is a bigot; he that cannot reason is a fool; he that
>> dares not reason is a slave.
>>
>>
>> ------------------------------------------------------------------------
>> Securing Apache Web Server with thawte Digital Certificate
>> In this guide we examine the importance of Apache-SSL and who needs an SSL
>> certificate. We look at how SSL works, how it benefits your company and how
>> your customers can tell if a site is secure. You will find out how to test,
>> purchase, install and use a thawte Digital Certificate on your Apache web
>> server. Throughout, best practices for set-up are highlighted to help you
>> ensure efficient ongoing management of your encryption keys and digital
>> certificates.
>>
>> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
>> ------------------------------------------------------------------------
>>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate. We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/